On Tue, 25 Feb 2014 08:39:40 +0100 Christian Heimes <christ...@python.org> wrote: > > this looks pretty serious -- and it caught me off guard, too. :( > > https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/ > > Next time please inform the Python Security Response Team about any > and all issues that are related to buffer overflows or similar bugs. > In fact please drop a note about anything that even remotely look like > an exploitable issue. Even public bug reports should be forwarded to PSRT.
If that's the case, then can't we have an email hook on bugs.python.org every time an issue is classified as security? (either when created or later when modified) "Bug reports should be forwarded to PSRT" just adds a tedious and unnecessary manual step. Regards Antoine. _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
